Google For Work Now Boasts Gmail Data Loss Prevention

Google for Work customers now have an extra layer of protection against the distribution of sensitive content over Gmail.
Windows 10, New Devices, Exec Shakeup: Microsoft's 2015
Windows 10, New Devices, Exec Shakeup: Microsoft's 2015
(Click image for larger view and slideshow.)

Gmail for years has offered ways to save people from themselves. Mail Goggles, for example, asks Gmail users to solve simple math problems before sending messages, to help catch inappropriate or ill-considered sentiment. Undo Send offers a chance to recall messages sent in haste. But such whimsical safety nets don't really address the needs of business customers.

Now enterprise users of Gmail have their own mechanism for limiting the distribution of sensitive content. On Wednesday Google added Data Loss Prevention to Gmail for those using Google for Work.

Data Loss Prevention is designed to identify content in email -- in the message or in an attachment -- that violates corporate policy and to take whatever action has been specified by the administrator. Actions may range from quarantining the message for review, directing the sender to modify the message, or blocking the message and notifying to the sender.

"Organizations may have a policy that the Sales department should not share customer credit card information with vendors," explains Suzanne Frey, director of security, trust, and privacy for Google Apps, in a blog post. "And to keep information safe, admins can easily set up a DLP policy by selecting 'Credit Card Numbers' from a library of predefined content detectors."

Gmail DLP supports custom rules and regular expressions.

DLP has been a long time coming. In 2007, Google's Postini group offered a limited form of DLP called "logical expressions" for Gmail business customers. But it didn't meet the needs of many organizations. In 2012, Google began encouraging Postini customers to migrate to Google Apps for Work, based on the understanding that business customers could expect feature parity. But to use effective DLP, customers had to look to other providers.

[Read Gmail Gets Blocking Option.]

Frey says that Gmail DLP represents one step in a long-term effort to extend rule-based security across Google's product line. The company plans to bring DLP to Google Drive next year, along with support for other rule-based security systems.

Cloud security has become critical for customer trust since the 2013 Edward Snowden disclosures sowed doubt about the safety of data held by cloud companies. Other security-related improvements implemented by Google this year include the addition of SAML and OIDC support to Google Apps Identity Services in October; the expansion of mobile device and mobile app management tools in September; the ability to add customer-supplied encryption keys to Google Compute Engine; and the launch of Android for Work.

**Elite 100 2016: DEADLINE EXTENDED TO JAN. 18, 2016** There's still time to be a part of the prestigious InformationWeek Elite 100! Submit your company's application by Jan. 18, 2016. You'll find instructions and a submission form here: InformationWeek's Elite 100 2016.

Editor's Choice
Samuel Greengard, Contributing Reporter
Cynthia Harvey, Freelance Journalist, InformationWeek
Carrie Pallardy, Contributing Reporter
John Edwards, Technology Journalist & Author
Astrid Gobardhan, Data Privacy Officer, VFS Global
Sara Peters, Editor-in-Chief, InformationWeek / Network Computing